[Gambas-user] Security, how to check if a library is genuine?
chrisml at deganius.de
Thu Aug 19 14:36:16 CEST 2021
Am 19.08.21 um 08:28 schrieb bb:
> I am working on a non-intrusive authorisation method to see if a user
> is allowed to run an application. In order to do so they must belong to
> a specific hardcoded group.
> It is (currently) implemented as a library. So the actual library
> "could" be replaced by a user with another library that just returns
> So, does anyone have a good idea how the application could check
> whether "authlib" is the genuine library?
For sure by cryprographically signing the lib's binary. But then you
need a CA with which you can issue certificates that can be used to
verify the signature.
Dies ist keine Signatur
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 840 bytes
Desc: OpenPGP digital signature
More information about the User